Security Operations Engineer
Update day: 07-05-2024
Location: Nuneaton West Midlands
Category: IT - Software
Industry: Human Resources
Position: Entry level
Job type: Full-time
Job content
Holland and Barrett is building a Cyber Security capability to ensure a coordinated response to the increasing cyber security threats, to enable risk-based decisions to be made consistently across the organisation and to establish sustainable security capabilities that are integrated with the business. This role is for a mid-level resource for the Security Operations Centre with four main areas to cover - security monitoring, security incident investigations and response, SIEM platform implementation, assisting with tools selections for the SOC and threat intelligence.
Be a key member of the Security Operations Centre team to support the protection of H&B, its assets and reputation, and prevent losses due to breaches
Help in embedding real time logs and various external feeds to monitor our key assets (e.g. website, mobile apps, Cloud and on-premise assets)
Ensure SOC services are setup and delivered according to agreed Service Level Agreements
Contribute to the overall information security strategy
Drive the evolution of the SOC ("Detect", "Respond" and "Recover") capabilities
Support the implementation of various services related to an efficient cyber security operation
Ensure high service quality to business functions and other stakeholders
Provide high-quality, prioritised and up-to-date information about the evolution of security threats that are relevant to H&B
Contribute to the improvement of the Security Operations Centre capabilities on a year-on-year basis, adapting to the evolution of cyber threats to ensure a high level of protection of H&B information and assets
Actively support the senior security leadership team
The Person
We’d Love To Meet Someone With
Experience working in an internal Security Operations Centre - improving their security knowledge and awareness. Walking through newly deployed security solutions and how to bring them into operational activities.
In-depth understanding of Microsoft and AWS cloud environments with proven experience deploying and maintaining security solutions for an operational team.
Experience leading and securing cloud environments, following and executing on strategic direction
Excellent problem-solving skills – evidence of demonstrating innovative and methodical thinking.
Strong experience reading and consuming security operational alerts and logs (3rd Party and cloud native) as well as programming / scripting languages (e.g., PowerShell, PowerApps, KQL), to automate tasks, to enable security at speed and scale.
The scope of the role covers security incident response and investigations, security monitoring, threat intelligence and SOC platform engineering and support and will play an important part in smooth running of these services.
The Sec Ops Engineer Will
Work closely with the Security Operations Management Team to ensure all areas of SOC are aligned
Support and be a key player for setting up the SOC and maintain oversight of the lifecycle of in-scope technology that supports the SOC’s services
Prevent attacks through knowledge and expertise on databases, network, hardware, firewalls and encryption
Monitoring of all H&B technologies, data assets and services
Detection using knowledge as well as automated events generated from various services
Ownership of incident investigations and swift resolution, depending on risks and priority of the incidents.
Perform root cause analysis of incidents and improve response processes.
Support automation of incident runbooks/playbooks
Key Skills And Experience
3 years’ experience in Information and Cyber Security gained in Security Operations Centre
Demonstrate progression and development from L1, L2 and L3 positions
Demonstrate experience with SIEM tools and technologies
Good understanding of network and cloud architecture and corresponding security controls
Demonstrate defence in depth security from an IT perspective
Experience in end to end information security incident management and mitigating and addressing threat vectors including Advanced Persistent Threat (APTs), Distributed Denial of Service (DDoS), Phishing, Malicious Payloads, Malware, etc.
Demonstrate cyber hunting techniques
Experience with Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), Web Application Firewalls, firewall logs, system logs, web logs, other application and event logs
Good experience of working in Cloud environments such as AWS, Azure, M365 and SaaS applications
Experience with building threat-based Use Cases using frameworks such as MITRE ATT&CK
Log carving and log investigation
Open Source dependency scanning
Bachelor’s degree in Computer Science, Engineering, or related field
Information Security and/or Information Technology industry certification (CISSP, CISA, CISM, GIAC, SANS SEC401 or equivalent a strong plus)
Other Skills
Understanding of security threats, attack scenarios, intrusion detection and incident management.
Strong facilitation, negotiation and conflict resolution skills.
Ability to deal with ambiguity and to keep a cool head when dealing with crisis or stressful situations
Strong analytical skills
Deadline: 21-06-2024